[RndTbl] creat() fails on non-root owned file when stickybit set on dir (tcsh) (new kernel bug?)
Adam Thompson
athompso at athompso.net
Fri Nov 29 23:57:42 CST 2019

On 2019-11-29 23:39, Trevor Cordes wrote:
> I agree that EACCES should not be a thing when running as root. In
> fact, I'm a firm believer in "root being able to do everything" on
> Linux [...] Adam vehemently argues the
> opposite :-)

I most certainly do not! I think SELinux is an abomination whose entire
concept needs to die a fiery death, and I'm not exactly stoked about
Capabilities, either. What I have said is that many large
organizations, especially those subject to periodic audits and/or who
need check-box compliance for e.g. PCI et al., *NEED* those capabilities
so that they can continue using UNIX.

When you get into a hierarchical, centrally-managed model, things change
again - there are valid use cases for wanting the local system "owner"
to have root access and be able to do most root-ish things, but not
absolutely everything. Network configuration is a common example - it's
pretty hard to trust your network when you can't trust that all the
systems on it have correct network settings. And if you give the
average programmer root access, they WILL screw up the network in some
new and interesting never-before-seen way. Go ahead, ask me how I know
:-).

Most of the time, technical users "need root" in order to start a daemon
that binds to a low port. Or maybe to change printer configuration.
There's a lot of crap that still can't be effectively managed by
non-root users on modern UNIX desktops. (MacOS being the obvious
exception here.) If I want to give a programmer a laptop running
Fedora, and have them use it everywhere and anywhere ('cuz, you know,
it's a LAPTOP) then I pretty much have no choice but to give them root
access to manage networks and printers and displays/peripherals. That's
often undesirable.

That's not to say the superuser paradigm is at fault - all those things
COULD very well be accomplished without root permissions (not even
sudo!), if the relevant subsystems had been designed with that in mind.
I'm still perfectly OK with the superuser paradigm; I blame the
mid-layers for most of its *supposed* shortcomings.

-Adam